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A. CONTACT INFORMATION: 
Departmental Privacy Office 


Office of the Chief Information Officer 
U.S. Department of the Interior 
202-208-1605 
DOI_Privacy @ios.doi.gov 
B. SYSTEM APPLICATION/GENERAL INFORMATION: 
Notes: The Quicktime Time and Attendance application (Quicktime) falls within the Federal 
Personnel Payroll System (FPPS) C&A boundary, which consists of the Federal Personnel 
Payroll System application, the Quicktime application, the Web FPPS application, the 
Retirement Sub System, and the Datamart (a data warehouse). Each application has a 
separate Privacy Impact Assessment (PIA), except for WebFPPS which contains no data. 
1) Does this system contain any personal information about individuals? 
Yes. Quicktime contains the following personal information about individuals: 
e Social Security Number 
e Name 
e User ID 
a. Is this information identifiable to the individual? 


Yes. The information is identifiable to the individual. 
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b. Is the information about individual members of the public? 

No. The information pertains only to Federal Employees. 
c. Is the information about employees? 

Yes. The information in Quicktime is about employees of the Federal Government. 

2) What is the purpose of the system/application? 

The purpose of Quicktime is to input, validate, and certify time and attendance data for 
transmission to FPPS. Quicktime permits employee entry of time and leave requests, as well 
as traditional timekeeper data entry. The application provides for extensive editing to assure 
that data meets relational edits and regulatory requirements. Quicktime provides numerous 


reports for employees, timekeepers, certifiers, and administrators. 


2a) List all minor applications that are hosted on this system and covered under this 
privacy impact assessment: 


There are no minor applications hosted on Quicktime. 


3) What legal authority authorizes the purchase or development of this 
system/application? 


The legal authority for Quicktime is defined in the Office of Management and Budget Circular 
A-127, Policies and Standards for Financial Management Systems. This Circular is issued 
pursuant to the Chief Financial Officers Act (CFOs Act) of 1990, P.L. 101-576 and the 
Federal Managers’ Financial Integrity Act of 1982, P.L. 97-255 (31 U.S.C. 3512 et seq.); and 
31 U.S.C. Chapter 11. 


C. DATA in the SYSTEM: 
1) What categories of individuals are covered in the system? 


Categories of individuals covered in Quicktime currently include employees of the 
Department of Interior and non-Interior bureaus/agencies. 


2) What are the sources of the information in the system? 


a. Is the source of the information from the individual or is it taken from another 
source? If not directly from the individual, then what other source? 


The information in Quicktime is entered by the individual or taken from the FPPS 
application and other sources, as follows: 


e The initial personnel information on each employee is provided from interface files 
from the FPPS application or entered on-line by the administrator. 

e Employee information is updated by Administrators and Timekeepers. 

e Time and attendance data, including cost structure information, is entered by 
employees or timekeepers based on employee work effort during a pay period. 

e Employee leave and profile data is updated from interface files from the FPPS 
application. 


b. What Federal agencies are providing data for use in the system? 


The following entities are currently using Quicktime to enter and certify their T&A data: 


e. 
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Advisory Council on Historic Preservation 

African Development Foundation 

Bureau of Indian Affairs, Department of the Interior 
Bureau of Land Management, Department of the Interior 
Consumer Product Safety Commission 

Federal Labor Relations Authority 

Federal Retirement Thrift Investment Board 

Federal Emergency Management Agency 

Federal Trade Commission 

Fish & Wildlife Service, Department of the Interior 
Institute of Museum and Library Services 

International Trade Commission 

Millennium Challenge Corporation 

Minerals Management Service, Department of the Interior 
National Park Service, Department of the Interior 
National Transportation Safety Board 

Office of Inspector General, Department of the Interior 
Office of the Secretary, Department of the Interior 
Office of the Solicitor, Department of the Interior 

Office of the Special Trustee, Department of the Interior 
Office of Surface Mining, Department of the Interior 
Pension Benefit Guaranty Corporation 

Public Defender Service of the District of Columbia 
Securities and Exchange Commission 

The Presidio Trust 

U.S. Geological Survey, Department of the Interior 


Other Department of the Interior bureaus and other agencies may be added in future 
years. 


What Tribal, State and local agencies are providing data for use in the system? 
No Tribal, State, and local agencies are providing data for use in Quicktime. 

From what other third party sources will data be collected? 

Data is not collected from any other third party source for Quicktime. 

What information will be collected from the employee and the public? 


Time and Attendance data is collected from the employee. Data from the general public 
is not collected. 


3) Accuracy, Timeliness, and Reliability 


How will data collected from sources other than DOI records be verified for 
accuracy? 


Data accuracy is verified by the receipt or non-receipt of time and attendance data 
through edits that enforce the time and attendance rules based on the employee profile. 


How will data be checked for completeness? 


Data is checked for completeness by: 


e Editing personnel data to ensure that all required fields are populated. 


Quicktime 
Privacy Impact Assessment 


e Validating that all active employees have time and attendance records for the current 
pay period. 

e Monitoring all input files to ensure they have been received. 

e Performing edits against each input file to ensure that the receipt matches the 
transmittal. 

e Timekeeper and Certifier review and approval. 


c. Is the data current? What steps or procedures are taken to ensure the data is 
current and not out-of-date? Name the document (e.g., data models). 


Quicktime data is current. User profile data and leave balances are uploaded from FPPS 
nightly. Time and attendance data is validated to ensure that it is for the correct pay 
period. 


d. Are the data elements described in detail and documented? If yes, what is the 
name of the document? 


Data elements are described in detail and documented in the following documents: 


e Elements listed in the Oracle Data Dictionary 
e Database fields listed in the Quicktime System Maintenance Manual 


D. ATTRIBUTES OF THE DATA: 


1) 


2) 


3) 


4) 


5) 


6) 


Is the use of the data both relevant and necessary to the purpose for which the system 
is being designed? 


The use of the data is both relevant and necessary to process and report time and 
attendance data. This data is necessary to produce payroll for agencies who use Quicktime. 


Will the system derive new data or create previously unavailable data about an 
individual through aggregation from the information collected, and how will this be 
maintained and filed? 


Quicktime will derive new leave balances. This information is uploaded to and maintained in 
FPPS. 


Will the new data be placed in the individual’s record? 
Yes, the new data will be placed in the individual’s payroll records. 


Can the system make determinations about employees/public that would not be 
possible without the new data? 


No, the new data will not enable additional determinations. 
How will the new data be verified for relevance and accuracy? 
The data is verified through edits established to validate the data. 


If the data is being consolidated, what controls are in place to protect the data from 
unauthorized access or use? 


Data is not being consolidated in Quicktime. 


7) 


8) 


9) 


10) 
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If processes are being consolidated, are the proper controls remaining in place to 
protect the data and prevent unauthorized access? Explain. 


Not applicable for Quicktime. 


How will the data be retrieved? Does a personal identifier retrieve the data? If yes, 
explain and list the identifiers that will be used to retrieve information on the 
individual. 


Users retrieve Quicktime data via the employee name or user ID. 


What kinds of reports can be produced on individuals? What will be the use of these 
reports? Who will have access to them? 


Quicktime produces reports for use by employees, timekeepers, certifiers, and 
administrators. These reports are used to verify the correct cost structures, verify employees 
by role, provide status by user role, provide various audit reports, verify leave balances, and 
provide statements of historical T&A records. 


What opportunities do individuals have to decline to provide information (i.e., where 
providing information is voluntary) or to consent to particular uses of the information 
(other than required or authorized uses), and how individuals can grant consent). 


Quicktime contains no voluntary information. An employee's ability to consent to a particular 
use is governed by the policies of the individual client organizations. 


MAINTENANCE AND ADMINISTRATIVE CONTROLS: 


1) 


2) 


3) 


4) 


If the system is operated in more than one site, how will consistent use of the system 
and data be maintained in all sites? 


Quicktime is operated at one site. 
What are the retention periods of data in this system? 


Quicktime is covered under General Records Schedule (GRS) 2, “Payrolling and Pay 
Administration Records.” 


Time and attendance source records include any record upon which leave is based. NARA’s 
General Records Schedule 2, item 6 indicates that records may be destroyed after a GAO 
audit or after 3 years, whichever is sooner. Items 7 and 8 indicate that records may be 
destroyed after a GAO audit or after 6 years, whichever is sooner. 


What are the procedures for disposition of the data at the end of the retention period? 
How long will the reports produced be kept? Where are the procedures documented? 


Procedures for disposing of data are followed in accordance with approved NARA 
regulations. Disposition procedures are documented at http://www.archives.gov/records- 
mgmt/publications/disposition-of-federal-records/. 


Is the system using technologies in ways that the DOI has not previously employed 
(e.g., monitoring software, Smart Cards, Caller-ID)? 


There are no new uses of the technologies used to operate and maintain Quicktime. 


5) 


6) 


7) 


8) 


9) 
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How does the use of this technology affect public/employee privacy? 
Not applicable. 


Will this system provide the capability to identify, locate, and monitor individuals? If 
yes, explain. 


No. 

What kinds of information are collected as a function of the monitoring of individuals? 
Not applicable. 

What controls will be used to prevent unauthorized monitoring? 


For Quicktime, there are three levels of electronic security to prevent unauthorized access: 
e Network security limits access into DOI’s wide area network. 
e Application security is used to control access to Quicktime commands and roles 
assigned to individuals. 
e Rules of Behavior are signed by all users. 


Systems access is granted using the concept of “least privilege” required to perform one's 
duties. Physical controls are also in effect to limit access to the NBC Denver Data Center 
itself. 

NBC conducts internal reviews to help ensure compliance with Privacy Act law. 


Under which Privacy Act systems of records notice does the system operate? Provide 
number and name. 


Payroll, Attendance, Retirement, and Leave Records — Interior, Office of the Secretary — DOI 
85 


Each government agency using Quicktime is responsible for their own system of records 
notice covering the collection of data at their agency. 


10) If the system is being modified, will the Privacy Act system of records notice require 


amendment or revision? Explain. 


The system is not being modified. 


ACCESS TO DATA: 


1) 


2) 


Who will have access to the data in the system? (E.g., contractors, users, managers, 
system administrators, developers, tribes, other) 


NBC data access is required by staff including both government and contractor staff 
performing system maintenance. Within each client organization, an administrator 
determines the roles of each individual — employee, timekeeper, and/or certifier. The 
administrator assigns employees to the timekeepers and certifiers, thus restricting their 
access to the assigned individuals. Administrators may also assign timekeeper roles to 
contractors, as determined by the individual client’s needs. 


How is access to the data by a user determined? Are criteria, procedures, controls, 
and responsibilities regarding access documented? 


3) 


4) 


5) 


6) 


7) 


8) 


9) 
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Each client designates the role of Master Administrator. The Master administrator decides 
who has access to the data by assigning specific roles to the individual on a “need-to-know” 
basis. Access criteria, procedures, controls, and responsibilities beyond those built into the 
application are determined and documented by each user agency. NBC maintains 
documentation of Quicktime configuration settings and options. 


Will users have access to all data on the system or will the user’s access be 
restricted? Explain. 


The organization’s Administrator defines the access for timekeepers and certifiers. In the 
case of the employees, access is limited to their respective records. 


What controls are in place to prevent the misuse (e.g., unauthorized browsing) of data 
by those having access? (Please list processes and training materials) 


Administrators review access authorities on an on-going basis. 

Are contractors involved with the design and development of the system and will they 
be involved with the maintenance of the system? If yes, were Privacy Act contract 
clauses inserted in their contracts and other regulatory measures addressed? 

Yes, contractor personnel are involved with design, development, testing and implementation 
as well as maintenance and general support. Appropriate security and privacy clauses are 
contained in the contracts, such as the Privacy Act Notification (FAR 1452.224-1 and FAR 
52.224-01) and security per DOI OCIO memo of August 18, 2004, “Information Technology 
Security Requests for Acquisition.” 

Do other systems share data or have access to the data in the system? If yes, explain. 
Quicktime shares data with FPPS. Quicktime uploads time and attendance to FPPS for 
payroll calculation. FPPS transfers personnel information to Quicktime to populate new 
employees in the application. 


Who will be responsible for protecting the privacy rights of the public and employees 
affected by the interface? 


The interface is not applicable to members of the public. NBC is responsible for protecting 
privacy rights as the host of the Quicktime and FPPS applications. 


Will other agencies share data or have access to the data in this system (Federal, 
State, Local, Other (e.g., Tribal))? 


No other agency will share data or have access to the data in Quicktime 
How will the data be used by the other agency? 


Not applicable. 


10) Who is responsible for assuring proper use of the data? 


The clients’ Administrators are responsible for assuring proper use of the data. 


